Lucene search
WPScanCVE-2023-6139HistoryJan 08, 2024 - 7:15 p.m.
CVE-2023-6139
2024-01-0819:15:09
WPScan
web.nvd.nist.gov
22
cve-2023-6139
essential real estate
wordpress
plugin
dos
nvd
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
13.3%
The Essential Real Estate WordPress plugin before 4.4.0 does not apply proper capability checks on its AJAX actions, which among other things, allow attackers with a subscriber account to conduct Denial of Service attacks.
Affected configurations
Node
g5plusessential_real_estateRange<4.4.0wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| g5plus | essential_real_estate | * | cpe:2.3:a:g5plus:essential_real_estate:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"vendor": "Unknown",
"product": "Essential Real Estate",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "4.4.0"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]Related
wpvulndb
wpvulndb
nvd
nvd
CVE-2023-6139
2024-01-08 19:15:09
prion
prion
Design/Logic Flaw
2024-01-08 19:15:00
cvelist
cvelist
wpexploit
wpexploit
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
13.3%
Related for CVE-2023-6139